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ha$h-and~siqn paradigm 

David Naccache, David Pointcheval, Jacques Stern 

November 2001 Proceedings of the 8th ACM conference on Computer and 
Communications Security 

Full text available: "g pdf(4Q2.64 KB) Additional Information: full citation , abstract , references, index terms 

This paper introduces a simple alternative to the hash-and-sign paradigm, from the security 
point of view but for signing short messages, called twinning. A twin signature is obtained by 
signing twice a short message by a signature scheme. Analysis of the concept in different 
settings yields the following results: 

• We prove that no generic algorithm can efficiently forge a twin DSA signature. Although 
generic algorithms offer a less stringent form of security than computational red ... 

Keywords: digital signatures, discrete logarithm, flexible RSA problem, generic model, 
provable security, standard model 



2 Cryptograph ic protocols: The verific at i on of an industrial paym^ Q 
purchase phase 

Giampaolo Bella, Lawrence C. Paulson, Fabio Massacci 

November 2002 Proceedings of the 9th ACM conference on Computer and 
" " communications security 

Full text available: l g| pdf(209.87 KB) Additional Information: full citation , abstract , nsfejrejices, citings, index term s 

The Secure Electronic Transaction (SET) protocol has been proposed by a consortium of credit 
card companies and software corporations to secure e-commerce transactions. When the 
customer makes a purchase, the SET dual signature guarantees authenticity while keeping 
the customer's account details secret from the merchant and his choice of goods secret from 
the bank.This paper reports the first verification results for the complete purchase phase of 
SET. Using Isabelle and the inductive method, we ... 

Keywords: electronic commerce, formal verification, inductive specifications, isabelle proof 
assistant, security protocols 
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Securing ad hoc routing protocols 
Manel Guerrero Zapata, N. Asokan 

September 2002 Proceedings of the ACM workshop on Wireless security 

Full text available: pdf(258.53 KB) Additional Information: full citation , abstract , references , citings , index terms 

We consider the problem of incorporating security mechanisms into routing protocols for ad 
hoc networks. Canned security solutions like IPSec are not applicable. We look at AODV[21] 
in detail and develop a security mechanism to protect its routing information. We also briefly 
discuss whether our techniques would also be applicable to other similar routing protocols 
and about how a key management scheme could be used in conjunction with the solution 
that we provide. 

Keywords: SAODV, ad hoc wireless networks, hash chains, routing protocols, secure AODV, 
security 



4 Summaries of MobiHoc 2003 posters: Secure routing with tamper resistant module for Q 
mobi le Ad hoc net works 

Joo-Han Song, Vincent Wong, Victor Leung, Yoji Kawamoto 

July 2003 ACM SIGMOBILE Mobile Computing and Communications Review, Volume 7 issue 
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Full text available: 'gj pdf(144.05 KB) Additional Information: fu ll c itation, references 



5 Constructing replicated^ Q 
links 

P. D. Ezhilchelvan, S. K. Shrivastava, A. Tully 

April 1989 ACM SIGARCH Computer Architecture News , Proceedings of the 16th annual 

international symposium on Computer architecture, Volume 17 issue 3 
Full text available: "fl pdf(948.34 KB) Additional Information: full citation , abstra ct, references, citings, I ndex term s 

Replicated processing with majority voting is a well known method of achieving fault 
tolerance. We consider the problem of constructing a distributed system composed of an 
arbitrarily large number of N-modular redundant (NMR) nodes, where each node itself is 
composed of N, N = 2m + 1 and m ^ 1, processing and voting elements. Advanced 
microprocessors, such as Inmos Transputers, provide fast serial communication links for 
inter-processor communication, making it possible to construct larg ... 

Keywords: N-modular redundancy, fault tolerance, majority voting, replicated processing, 
sequencing algorithm 

6 Strong password-only authenticated kev excha nge Q 
?4vid RJablon 

Dctober 1996 ACM SIGCOMM Computer Communication Review, volume 26 issue 5 
Full text available: *g| pdf(1.52 MB) Additional Information: full citation , abstra ct, citings, index terms 

A new simple password exponential key exchange method (SPEKE) is described. It belongs to 
an exclusive class of methods which provide authentication and key establishment over an 
insecure channel using only a small password, without risk of offline dictionary attack. SPEKE 
and the closely-related Diffie-Hellman Encrypted Key Exchange (DH-EKE) are examined in 
light of both known and new attacks, along with sufficient preventive constraints. Although 
SPEKE and DH-EKE are similar, the constraints a ... 
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Rolf Oppliger 

August 2004 Communications of the ACM, Volume 47 Issue 8 

Full text available: f| pdf( 88.44 KB ) 1 Addjtjona| | nformation: fuH cjtationi abstract) references, index terms 
html(25.71 KB) ~~ ~~ "' " 

The lack of evidence for message receipt is a missing piece of the infrastructure required for 
the more professional use of email. 
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